Some core recipies

TLS secured syslog via RELP

This article will show you, how to use simple tls encryption with the RELP protocol for sending and receiving syslog messages. We basically need two machines, both running at least rsyslog 7.3.16. In addition to rsyslog, we also need the most current version of librelp. General information When installing rsyslog, make sure to enable the […]

Action’s with directives

This snippet will show, how Action directives need to be applied to work properly. We will show it with the RELP output module. RELP should ensure a safe and loss-free transmission between two machines. But if not configured properly, messages may get lost anyway. This is mainly meant for any client side configuration. First of […]

Writing specific messages to a file and discarding them

Messages with the text “error” inside the text part of the message shall be written to a specific file. They shall not be written to any other file or be processed in any other way. Things to think about The configuration given here should be placed on top of the rsyslog.conf file. Config Statements :msg, […]

Sending Messages to a Remote Syslog Server

In this recipe, we forward messages from one system to another one. Typical use cases are: the local system does not store any messages (e.g. has not sufficient space to do so) there is a (e.g. legal) requirement to consolidate all logs on a single system the server may run some advanced alerting rules, and […]

Receiving Messages from a Remote System

This is a log-consolidation scenario. There exist at least two systems, a server and at least one client. The server is meant to gather log data from all the clients. Clients may (or may not) process and store messages locally. If they do doesn’t matter here. See recipe Sending Messages to a Remote Syslog Server […]

Using a different log Format for all Files

Rsyslog comes with a limited set of log file formats. These resemble the default format that people (and log analyzers) usually expect. However, for some reason or another, it may be required to change the log format. In this recipe, we define a new format and use it as the default format for all log […]

Discarding unwanted messages

Often, there are some messages that you know you will never store in any log file. Even worse, these messages are sometimes very frequently emitted. There are various ways to get rid of those unwanted messages. First of all, you need to identify them. Then look carfully and see what is special with these messages. […]

Scroll to top